Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/bbfe48-f14d-40d1-9f1a-cb9e45bb0c63/1/mHiX18wSKXJVFay0zetqN-qNw60.roa
File: mHiX18wSKXJVFay0zetqN-qNw60.roa (raw, json)
Hash identifier: 3gq+O2P63jp/Mg7ywdDioGko1E0zBXiUHrh1K8cGPjU=
Subject key identifier: 98:78:97:D7:CC:12:29:72:55:15:AC:B4:CD:EB:6A:37:EA:8D:C3:AD
Certificate issuer: /CN=17a6fa80b2d1c43ec9ea824e7e8395f79294e38a
Certificate serial: 018572FA79B5C4002FBB1356D238F56E3AF5
Authority key identifier: 17:A6:FA:80:B2:D1:C4:3E:C9:EA:82:4E:7E:83:95:F7:92:94:E3:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F6b6gLLRxD7J6oJOfoOV95KU44o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/bbfe48-f14d-40d1-9f1a-cb9e45bb0c63/1/mHiX18wSKXJVFay0zetqN-qNw60.roa
Signing time: Mon 02 Jan 2023 14:54:55 +0000
ROA not before: Mon 02 Jan 2023 14:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24882
IP address blocks: 193.111.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:79:b5:c4:00:2f:bb:13:56:d2:38:f5:6e:3a:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17a6fa80b2d1c43ec9ea824e7e8395f79294e38a
Validity
Not Before: Jan 2 14:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=987897d7cc1229725515acb4cdeb6a37ea8dc3ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ae:54:fe:86:0e:cd:10:ea:1b:e8:c5:b9:b4:
9e:1d:7a:35:8c:ae:6c:5d:dd:88:4a:d6:db:f6:af:
81:7a:3a:72:47:3d:74:db:65:d9:7c:d0:d8:2b:51:
86:7e:e9:aa:60:0a:77:b7:bd:0b:22:f6:84:05:65:
c1:1a:05:1b:a5:05:4f:2d:ee:50:5f:bd:4e:44:8b:
ca:cc:47:d5:fb:e3:91:db:ab:ae:dd:a9:c8:5e:c6:
8c:87:23:ed:f2:fd:6e:af:6e:32:7e:50:f7:58:98:
fa:74:97:98:da:92:6e:96:bc:5f:85:de:8f:46:24:
84:eb:c3:7e:7a:18:46:2a:76:b0:e3:c9:68:42:48:
42:3e:90:f6:aa:68:df:a8:8a:db:90:ee:85:5f:7c:
f2:0c:18:66:ad:82:db:bb:c8:67:1d:30:68:f0:50:
36:05:22:c2:13:44:7a:2c:64:f2:3c:fb:df:7c:1a:
48:f7:f7:90:a6:c0:31:a5:43:37:39:6b:7f:3b:9b:
7d:71:c3:34:55:d9:02:de:d0:af:8a:e9:a0:37:ce:
5b:dc:45:5b:fd:dc:02:c8:f7:aa:a1:ac:32:4b:81:
e9:db:bd:25:20:ce:0e:c8:d7:ca:7d:c4:28:12:c3:
8d:3f:7c:c6:38:a0:46:94:19:bb:ed:3f:bd:05:d6:
ee:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:78:97:D7:CC:12:29:72:55:15:AC:B4:CD:EB:6A:37:EA:8D:C3:AD
X509v3 Authority Key Identifier:
keyid:17:A6:FA:80:B2:D1:C4:3E:C9:EA:82:4E:7E:83:95:F7:92:94:E3:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F6b6gLLRxD7J6oJOfoOV95KU44o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/bbfe48-f14d-40d1-9f1a-cb9e45bb0c63/1/mHiX18wSKXJVFay0zetqN-qNw60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/bbfe48-f14d-40d1-9f1a-cb9e45bb0c63/1/F6b6gLLRxD7J6oJOfoOV95KU44o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.173.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:2d:e0:7d:80:67:91:2a:0f:30:74:40:ea:59:5d:b5:a7:1d:
ac:8c:11:de:1d:6e:bf:34:2e:5e:53:59:b5:13:3a:a8:86:e3:
57:5c:33:9a:67:ac:f2:c1:ac:17:e4:6c:4a:c0:a7:6a:fb:64:
10:36:d2:8d:d6:ee:82:a5:e1:d6:b1:02:e1:99:53:30:7c:98:
cd:ad:d6:0d:c5:12:22:f0:1c:c2:7a:af:de:4e:88:de:f6:12:
44:fb:f5:27:a5:08:5f:ab:f1:28:8b:49:4c:6e:ec:3d:6d:4a:
c6:3c:e6:9e:f1:be:fe:1e:9f:53:be:2d:12:3f:5d:e7:48:4d:
99:ac:39:2b:d5:4a:4a:05:b2:e3:5f:b5:29:72:7b:6d:fa:81:
ae:e9:68:61:c4:8b:0c:36:1f:eb:41:df:82:24:e9:e6:9e:6b:
a4:35:2e:8b:b3:d9:e4:fd:f1:8a:31:4d:58:72:df:d1:d9:0a:
b2:51:2a:d2:f6:6e:48:ba:02:6c:69:02:28:de:a2:f8:d7:98:
5c:c2:fb:92:47:e7:01:61:18:60:cd:f6:ae:fc:97:97:a5:ab:
94:b4:9f:cd:ee:30:8e:b5:bf:9a:06:03:36:9b:0a:ae:ef:4d:
84:16:74:5f:2a:d5:87:56:95:ca:5c:ec:9f:15:c9:ed:fa:f4:
33:0a:24:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy+nm1xAAvuxNW0jj1bjr1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YTZmYTgwYjJkMWM0M2VjOWVhODI0ZTdlODM5NWY3OTI5
NGUzOGEwHhcNMjMwMTAyMTQ1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODc4OTdkN2NjMTIyOTcyNTUxNWFjYjRjZGViNmEzN2VhOGRjM2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmq5U/oYOzRDqG+jFubSeHXo1jK5s
Xd2IStbb9q+BejpyRz1022XZfNDYK1GGfumqYAp3t70LIvaEBWXBGgUbpQVPLe5Q
X71ORIvKzEfV++OR26uu3anIXsaMhyPt8v1ur24yflD3WJj6dJeY2pJulrxfhd6P
RiSE68N+ehhGKnaw48loQkhCPpD2qmjfqIrbkO6FX3zyDBhmrYLbu8hnHTBo8FA2
BSLCE0R6LGTyPPvffBpI9/eQpsAxpUM3OWt/O5t9ccM0VdkC3tCviumgN85b3EVb
/dwCyPeqoawyS4Hp270lIM4OyNfKfcQoEsONP3zGOKBGlBm77T+9BdbucQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJh4l9fMEilyVRWstM3rajfqjcOtMB8GA1UdIwQY
MBaAFBem+oCy0cQ+yeqCTn6DlfeSlOOKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjZiNmdMTFJ4RDdKNm9KT2ZvT1Y5NUtVNDRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iYmZlNDgtZjE0ZC00MGQxLTlmMWEt
Y2I5ZTQ1YmIwYzYzLzEvbUhpWDE4d1NLWEpWRmF5MHpldHFOLXFOdzYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iYmZlNDgtZjE0ZC00MGQxLTlmMWEtY2I5ZTQ1YmIwYzYz
LzEvRjZiNmdMTFJ4RDdKNm9KT2ZvT1Y5NUtVNDRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwW+tMA0G
CSqGSIb3DQEBCwUAA4IBAQBKLeB9gGeRKg8wdEDqWV21px2sjBHeHW6/NC5eU1m1
EzqohuNXXDOaZ6zywawX5GxKwKdq+2QQNtKN1u6CpeHWsQLhmVMwfJjNrdYNxRIi
8BzCeq/eToje9hJE+/UnpQhfq/Eoi0lMbuw9bUrGPOae8b7+Hp9Tvi0SP13nSE2Z
rDkr1UpKBbLjX7Upcntt+oGu6WhhxIsMNh/rQd+CJOnmnmukNS6Ls9nk/fGKMU1Y
ct/R2QqyUSrS9m5IugJsaQIo3qL415hcwvuSR+cBYRhgzfau/JeXpauUtJ/N7jCO
tb+aBgM2mwqu702EFnRfKtWHVpXKXOyfFcnt+vQzCiR8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:54 2025 by rpki-client